summaryrefslogtreecommitdiffstats
path: root/source4/rpc_server
diff options
context:
space:
mode:
Diffstat (limited to 'source4/rpc_server')
-rw-r--r--source4/rpc_server/lsa/dcesrv_lsa.c56
-rw-r--r--source4/rpc_server/samr/dcesrv_samr.c26
2 files changed, 34 insertions, 48 deletions
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 78973776f1..85f94712ba 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -220,6 +220,9 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_
struct lsa_policy_state **_state)
{
struct lsa_policy_state *state;
+ const char *domain_attrs[] = {"nETBIOSName", "nCName", NULL};
+ int ret_domain;
+ struct ldb_message **msgs_domain;
state = talloc(mem_ctx, struct lsa_policy_state);
if (!state) {
@@ -237,36 +240,47 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_
return NT_STATUS_INVALID_SYSTEM_SERVICE;
}
+ ret_domain = gendb_search(state->sam_ldb, mem_ctx, NULL, &msgs_domain, domain_attrs,
+ "(&(&(nETBIOSName=%s)(objectclass=crossRef))(ncName=*))",
+ lp_workgroup());
+
+ if (ret_domain == -1) {
+ return NT_STATUS_INTERNAL_DB_CORRUPTION;
+ }
+
+ if (ret_domain != 1) {
+ return NT_STATUS_NO_SUCH_DOMAIN;
+ }
+
/* work out the domain_dn - useful for so many calls its worth
fetching here */
- state->domain_dn = talloc_reference(state,
- samdb_search_string(state->sam_ldb, mem_ctx, NULL,
- "dn", "(&(objectClass=domain)(!(objectclass=builtinDomain)))"));
+ state->domain_dn = talloc_steal(state, samdb_result_string(msgs_domain[0], "nCName", NULL));
if (!state->domain_dn) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
/* work out the builtin_dn - useful for so many calls its worth
fetching here */
- state->builtin_dn = talloc_reference(state,
- samdb_search_string(state->sam_ldb, mem_ctx, NULL,
- "dn", "objectClass=builtinDomain"));
+ state->builtin_dn = talloc_steal(state,
+ samdb_search_string(state->sam_ldb, mem_ctx, NULL,
+ "dn", "objectClass=builtinDomain"));
if (!state->builtin_dn) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
/* work out the system_dn - useful for so many calls its worth
fetching here */
- state->system_dn = talloc_reference(state,
- samdb_search_string(state->sam_ldb, mem_ctx, state->domain_dn,
- "dn", "(&(objectClass=container)(cn=System))"));
+ state->system_dn = talloc_steal(state,
+ samdb_search_string(state->sam_ldb, mem_ctx, state->domain_dn,
+ "dn", "(&(objectClass=container)(cn=System))"));
if (!state->system_dn) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
- state->domain_sid = samdb_search_dom_sid(state->sam_ldb, state,
- state->domain_dn, "objectSid",
- "dn=%s", state->domain_dn);
+ state->domain_sid = talloc_steal(state,
+ samdb_search_dom_sid(state->sam_ldb, state,
+ state->domain_dn, "objectSid",
+ "dn=%s", state->domain_dn));
if (!state->domain_sid) {
return NT_STATUS_NO_SUCH_DOMAIN;
}
@@ -276,13 +290,9 @@ static NTSTATUS lsa_get_policy_state(struct dcesrv_call_state *dce_call, TALLOC_
return NT_STATUS_NO_SUCH_DOMAIN;
}
- state->domain_name = talloc_reference(state,
- samdb_search_string(state->sam_ldb, mem_ctx,
- state->domain_dn, "name",
- "dn=%s", state->domain_dn));
- if (!state->domain_name) {
- return NT_STATUS_NO_SUCH_DOMAIN;
- }
+ state->domain_name = talloc_strdup(state,
+ samdb_result_string(msgs_domain[0], "nETBIOSName",
+ lp_workgroup()));
*_state = state;
@@ -619,14 +629,6 @@ static NTSTATUS lsa_CreateTrustedDomain(struct dcesrv_call_state *dce_call, TALL
samdb_msg_add_string(trusted_domain_state->policy->sam_ldb, mem_ctx, msg, "securityIdentifier", sid_string);
}
- /* pull in all the template attributes. */
- ret = samdb_copy_template(trusted_domain_state->policy->sam_ldb, mem_ctx, msg,
- "(&(name=TemplateTrustedDomain)(objectclass=trustedDomainTemplate))");
- if (ret != 0) {
- DEBUG(0,("Failed to load TemplateTrustedDomain from samdb\n"));
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
-
samdb_msg_add_string(trusted_domain_state->policy->sam_ldb, mem_ctx, msg, "objectClass", "trustedDomain");
trusted_domain_state->trusted_domain_dn = talloc_reference(trusted_domain_state, msg->dn);
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 3cda88c04c..26593d1697 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -747,7 +747,7 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX
a_state->domain_state = talloc_reference(a_state, d_state);
a_state->account_dn = talloc_steal(a_state, msg->dn);
- /* retrieve the sid for the group just created */
+ /* retrieve the sid for the user just created */
sid = samdb_search_dom_sid(d_state->sam_ctx, a_state,
msg->dn, "objectSid", "dn=%s", msg->dn);
if (sid == NULL) {
@@ -907,7 +907,7 @@ static NTSTATUS samr_CreateDomAlias(struct dcesrv_call_state *dce_call, TALLOC_C
/* Check if alias already exists */
name = samdb_search_string(d_state->sam_ctx, mem_ctx, NULL,
"sAMAccountName",
- "(&pAMAccountName=%s)(objectclass=group))",
+ "(sAMAccountName=%s)(objectclass=group))",
alias_name);
if (name != NULL) {
@@ -2040,17 +2040,6 @@ static NTSTATUS samr_AddAliasMember(struct dcesrv_call_state *dce_call, TALLOC_C
return NT_STATUS_NO_MEMORY;
}
- /* pull in all the template attributes */
- ret = samdb_copy_template(d_state->sam_ctx, mem_ctx, msg,
- "(&(name=TemplateForeignSecurityPrincipal)"
- "(objectclass=foreignSecurityPrincipalTemplate))");
- if (ret != 0) {
- DEBUG(0,("Failed to load "
- "TemplateForeignSecurityPrincipal "
- "from samdb\n"));
- return NT_STATUS_INTERNAL_DB_CORRUPTION;
- }
-
/* TODO: Hmmm. This feels wrong. How do I find the base dn to
* put the ForeignSecurityPrincipals? d_state->domain_dn does
* not work, this is wrong for the Builtin domain, there's no
@@ -2076,13 +2065,9 @@ static NTSTATUS samr_AddAliasMember(struct dcesrv_call_state *dce_call, TALLOC_C
memberdn = msg->dn;
samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg,
- "name", sidstr);
- samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg,
"objectClass",
"foreignSecurityPrincipal");
- samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg,
- "objectSid", sidstr);
-
+
/* create the alias */
ret = samdb_add(d_state->sam_ctx, mem_ctx, msg);
if (ret != 0) {
@@ -3256,7 +3241,7 @@ static NTSTATUS samr_GetDomPwInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX
struct ldb_message **msgs;
int ret;
const char * const attrs[] = {"minPwdLength", "pwdProperties", NULL };
- void *sam_ctx;
+ struct ldb_context *sam_ctx;
ZERO_STRUCT(r->out.info);
@@ -3267,8 +3252,7 @@ static NTSTATUS samr_GetDomPwInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX
ret = gendb_search(sam_ctx,
mem_ctx, NULL, &msgs, attrs,
- "(&(name=%s)(objectclass=domain))",
- lp_workgroup());
+ "(&(!(objectClass=builtinDomain))(objectclass=domain))");
if (ret <= 0) {
return NT_STATUS_NO_SUCH_DOMAIN;
}